What is claimed is: 

1 . A method of authentication and payment in an authentication 
and payment system that has a terminal, at least one server and a 
network connecting these terminal and server, the method that is carried 
out by the server comprising the steps of: 

receiving a request for usage of a service from the terminal 
through the information network; 

selecting at least one situation from a plural situations of a 
content described in a service certificate sent from the terminal, a 
network environment and a system policy; and 

changing a service procedure and/ or a message format to operate 
the authentication and payment system according to the selected 
situation. 

2. A terminal comprising: 

a receiver configured to receive a first certificate of service 
including related information from an authentication and payment device 
through an information network; and 

a transmitter configured to manipulate the first certificate of 
service to generate a second certificate of service including identification 
information of the terminal and to transmit the second certificate of 
service to a service providing device through the information network. 

3. A terminal in accordance with claim 2, wherein the second 
certificate of service is generated from all or a part of the first certificate of 
service; from all or a part of the first certificate of service and a piece of 
new information added thereto; from all or a part of the first certificate of 
service and a digital signature added thereto; or from all or a part of the 
first certificate of service and the piece of new information and the digital 
signature added thereto. 

4. A terminal in accordance with claim 3, wherein the second 
certificate of service is generated from identification information including 
at least one of an identifier of certification, an identifier of an 
authentication and payment device and a digital signature of the 
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authentication and payment device, which are extracted from the first 
certificate of service, form the identification information and a piece of 
new information added thereto, or from the identification information and 
the piece of new information and a digital signature added thereto. 
5 5. A terminal comprising: 

usage history managing means configured to manage a usage 
history of a certificate of service distributed from an authentication and 
payment device through an information network; and 

acknowledgement means configured to acknowledge to the 
10 authentication and payment device when the usage history satisfies 
conditions defined in the certificate of service. 

6. A service providing device comprising: 

a receiver configured to receive a certificate of service sent from a 
terminal through an information network; and 
15 a transmitter configured to transmit a request for authentication 

and payment itself or wih a digital signature to an authentication and 
payment device through the information network, and 

wherein the request for authentication and payment is to be 
formed from all or a part of the certificate of service or from all or a part of 
20 the certificate of service and a piece of new information added thereto. 

7. A service providing device in accordance with claim 6, wherein 
the request for authentication and payment is formed from identification 
information including at least one of an indentifier of the certificate of 
service, an identifier of the authentication and payment device and a 

25 digital signature of the authentication and payment device, which are 
extracted from the certificate of service, or from the identification 
information and a piece of new information added thereto; and the 
request for authentication and payment is to be transmitted itself or with 
a digital signature added thereto. 

30 8. A service providing device in accordance with claim 7, further 

comprising: 

a controller configured to select timing of providing a service in 
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response to the request from the terminal or timing of processing the 
request for authentication and payment to the authentication and 
payment device, or configured to simplify the processing of the request for 
authentication and payment. 
5 9. A service providing device in accordance with claim 7, further 

comprising: 

another receiver configured to receive a first certificate of service 
from the terminal through the information network; and 

another transmitter configured to generate a second certificate of 
10 service by adding a piece of new information to the first certificate of 

service and to transmit the generated second certificate of service to the 
terminal through the information network. 

10. An authentication and payment device comprising: 
certificate of service issuing means for issuing a certificate of 

15 service to other device; and 

processing means for processing at least one of verification of a 
request for authentication and payment sent from other device through 
an information network, authentication of the received request for 
authentication and payment, permission for provision of service that is 

20 requested by the request for authentication and payment, and payment 
for the provision of service. 

1 1 . An authentication and payment device in accordance with 
claim 10, wherein the certificate of service contains at least one piece of 
information of an identifier of the certificate of service, an identifier of the 

25 authentication and payment device, an identifier of the other device, 

information of expiration date of the certificate of service, and information 
of constraint of service to the other device. 

12. An authentication and payment device in accordance with 
claim 10, further comprising: 

30 information storing means for storing all or a part of information 

which is inherently to be contained in the certificate of service as a stored 
information, and 
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wherein the certificate of service contains information of a location 
of the stored information in the information storing means. 

13. An authentication and payment device in accordance with 
claim 10, further comprising: 

a transmitter configured to transmit the certificate of service to the 
other device in response to a request therefrom or in accordance with a 
predetermined condition for transmission. 

14. An authentication and payment device in accordance with 
claim 13, wherein the certificate of service issuing means updates a 
content of the certificate of service along with an update of information 
under control of the authentication and payment device, and the 
transmitter transmits the updated certificate of service to the other 
device. 

15. An operation method of an authentication and payment 
system including a terminal, a service providing device, an authentication 
and payment device and an information network connecting these 
devices, comprising the steps of: 

receiving a request for use of a service from the terminal through 
the information network; 

analyzing a content of a certificate of service to be sent to the 
terminal, a network environment and/ or a system operation policy; and 

adapting service procedures and/ or message formats to at least 
one of plural situations of the content of the certificate of service, the 
network environment and the system operation policy. 

16. A control information providing device comprising: 
receiving means of a request for use of a service; 

analyzing means of a content of a certificate of service, a network 
environment and/ or a system operation policy; and 

control information generating means configured to generate 
control information adaptive to at least one of plural situations of the 
content of the certificate of service, the network environment and the 
system operation policy. 



17. A control information providing device in accordance with 
claim 16, further comprising: 

open means configured to open the control information generated 
by the control information generating means to the information network. 
5 18. A control information providing device in accordance with 

claim 16 or 17, wherein the control information contains a piece of 
information of an identifier. 
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